<?php
include_once "db.php";
include_once "checksession.php";
include_once "auth_permissions.php";
authorize("admin");

if (is_numeric($_GET[HD_user_ID]))
$user = mysql_query ("SELECT * FROM helpdesk_users WHERE HD_user_ID = '$_GET[HD_user_ID]'");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="meta-style.css" rel="stylesheet" type="text/css" />
<title>Modify Helpdesk Users</title>

</head>

<body>
<?php
include_once "topnav.php";
?>

<p class="title">Edit Helpdesk User</p>
<form action="edit_user.php" method="post">
<table width="700" border="1" bordercolor="#000000" cellspacing="0" cellpadding="4">
<tr bgcolor="#999999">
<td bgcolor="#999999"><strong>Name</strong></td>
<td bgcolor="#999999"><strong>Username</strong></td>
<td bgcolor="#999999"><strong>Email</strong></td>
<?php
$auth_query = mysql_query("select `name` FROM `helpdesk_permissions`");
while ($permission = mysql_fetch_array($auth_query))
{
?>
<td bgcolor="#999999">
	<strong>
		<?php echo $permission['name']; ?>
	</strong>
</td>
<?php
}
?>
<td bgcolor="#999999"><strong>Password</strong></td>
</tr>

  <?php
    while($results = mysql_fetch_array($user)) 
   {
   ?>
   <tr>
		<td>
			<INPUT NAME="name" TYPE="TEXT" VALUE="<?php echo $results['name']; ?>">
		</td>
		<td>
			<INPUT NAME="username" TYPE="TEXT" VALUE="<?php echo $results['username']; ?>">
		</td>
		<td>
			<INPUT NAME="email" TYPE="TEXT" VALUE="<?php echo $results['email']; ?>">
		</td>
		<?php
		$auth_query = mysql_query("select `name`, `value` FROM `helpdesk_permissions`");
		while ($permission = mysql_fetch_array($auth_query))
		{
		?>
		<td>
			<INPUT NAME="<?php echo $permission['name']; ?>" TYPE="checkbox" value="<?php echo $permission['value']; ?>"
			<?php echo auth_check_user($_GET['HD_user_ID'], $permission['name']) ? "checked" : ""; ?>>
		</td>
		<?php
		}
		?>
		<td>
			<INPUT NAME="password" TYPE="password" VALUE="<?php echo $results['password']; ?>">
		</td>
	</tr>
	<?php
	}
	?>

</table>
<br/> 
<label>

</label>
<br/>

<input name="HD_user_ID" type="hidden" id="HD_user_ID" value="<?php echo $_GET['HD_user_ID']; ?>">

<input type=SUBMIT value="Submit" name="SUBMIT">
</form>

 <p><a href="index.php">Back to Main Menu</a></p>
</body>
</html>
